﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using Model;
using System.Data.SqlClient;
using System.Data;
using System.Security.Cryptography;

namespace Dal
{
    public class DalAdmin
    {
        SqlCommand cmd = null;
        string sql = "";

        public bool Login(ModelAdmin m)
        {
            SqlConnection conn = crecteSqlConnection.sqlconn();
            conn.Open();
            try
            {
                string strPwd = MD5Encrypt(m.Pwd);
                strPwd = strPwd.Replace("'", "’");

                sql = "select count(*) from Administrators where Acc='" + m.Acc + "'and Pwd='" + strPwd + "'";
                cmd = new SqlCommand(sql, conn);
                if (cmd.ExecuteScalar().ToString() != "0")
                    return true;

            }
            catch (Exception)
            {
            }
            finally
            {
                conn.Close();
                conn.Dispose();
            }
            return false;
        }
        public string Admin_Grade(ModelAdmin m)
        {
            //查询管理员权限
            SqlConnection conn = crecteSqlConnection.sqlconn();
            conn.Open();
            try
            {

                sql = "select Grade from Administrators where Acc='" + m.Acc + "'";
                cmd = new SqlCommand(sql, conn);
                if (cmd.ExecuteScalar().ToString() != "")
                    return cmd.ExecuteScalar().ToString();

            }
            catch (Exception)
            {
            }
            finally
            {
                conn.Close();
                conn.Dispose();
            }
            return "";
        }

        public string Admin_Name(ModelAdmin m)
        {
            //管理员的名称
            SqlConnection conn = crecteSqlConnection.sqlconn();
            conn.Open();
            
            try
            {
                string strPwd = MD5Encrypt(m.Pwd);
                strPwd = strPwd.Replace("'", "’");

                sql = "select Name from Administrators where Acc='"+m.Acc+ "'and Pwd='" + strPwd + "'";

                cmd = new SqlCommand(sql, conn);
                if (cmd.ExecuteScalar().ToString() != "")
                    return cmd.ExecuteScalar().ToString();
            }
            catch (Exception)
            {

            }
            finally
            {
                conn.Close();
                conn.Dispose();
            }
            return "";
        }

        public string Admin_Type(ModelAdmin m)
        {
            //管理员的名称
            SqlConnection conn = crecteSqlConnection.sqlconn();
            conn.Open();

            try
            {
                string strPwd = MD5Encrypt(m.Pwd);
                strPwd = strPwd.Replace("'", "’");

                sql = "select Type from Administrators where Acc='" + m.Acc + "'and Pwd='" + strPwd + "'";

                cmd = new SqlCommand(sql, conn);
                if (cmd.ExecuteScalar().ToString() != "")
                    return cmd.ExecuteScalar().ToString();
            }
            catch (Exception)
            {

            }
            finally
            {
                conn.Close();
                conn.Dispose();
            }
            return "";
        }

        public bool IsAdmin_AccPwd(ModelAdmin m)
        {
            //查询是否存在账号密码
            SqlConnection conn = crecteSqlConnection.sqlconn();
            conn.Open();
            try
            {
                sql = "select count(*) from Administrators where Acc='"+m.Acc+"' Deleted='false'";
                cmd = new SqlCommand(sql, conn);
                if (cmd.ExecuteScalar().ToString() != "0")
                    return true;
            }
            catch (Exception)
            {
                return false;
            }
            finally
            {
                conn.Close();
                conn.Dispose();
            }
            return false;
        }

        public string Add(ModelAdmin m)
        {
            //管理员添加
            SqlConnection conn = crecteSqlConnection.sqlconn();
            conn.Open();
            if (!IsAdmin_AccPwd(m))
            {
                try
                {
                    m.Pwd = MD5Encrypt(m.Pwd);
                    string strPwd = m.Pwd;

                    m.Pwd = strPwd.Replace("'", "’");

                    sql = "insert into Administrators(Acc,Pwd,Grade,Name,Type)values('" + m.Acc + "','" + m.Pwd + "','" + m.Grade + "','" + m.Name + "','"+m.Type+"')";
                    cmd = new SqlCommand(sql, conn);
                    if (cmd.ExecuteNonQuery() > 0)
                    {
                        return "添加成功!";
                    }
                }
                catch (Exception ex)
                {
                    return ex.Message;
                }
                finally
                {
                    conn.Close();
                    conn.Dispose();
                }
            }
            return "管理员已存在!";
        }

        public string MD5Encrypt(string strText)//md5加密
        {
            MD5 md5 = new MD5CryptoServiceProvider();
            byte[] result = md5.ComputeHash(System.Text.Encoding.Default.GetBytes(strText));
            return System.Text.Encoding.Default.GetString(result);
        }

        public DataTable All_Information(ModelAdmin m)
        {
            //显示数据
            SqlConnection conn = crecteSqlConnection.sqlconn();
            DataTable dt = null;
            conn.Open();
            try
            {
                if(m.Acc=="thgzs")
                    sql = "select * from Administrators where Deleted='false'";
                else
                    sql = "select * from Administrators where Deleted='false' and Id!=1";
                cmd = new SqlCommand(sql, conn);
                SqlDataAdapter da = new SqlDataAdapter(cmd);
                DataSet ds = new DataSet();
                da.Fill(ds, "table");
                dt = ds.Tables["table"];
                return dt;
            }
            catch (Exception)
            {
                return dt;
            }
            finally
            {
                conn.Close();
                conn.Dispose();
            }
        }

        public bool Data_Delete(ModelAdmin m)
        {
            //删除管理员
            SqlConnection conn = crecteSqlConnection.sqlconn();
            conn.Open();
            try
            {
                sql = "update Administrators set Deleted='True' where Id='" + m.AdminId + "'";
                cmd = new SqlCommand(sql, conn);
                if (cmd.ExecuteNonQuery() > 0)
                    return true;
            }
            catch (Exception)
            {
                return false;
            }
            finally
            {
                conn.Close();
                conn.Dispose();
            }
            return false;
        }

        public bool Update_Information(ModelAdmin m)
        {
            //管理员更新
            SqlConnection conn = crecteSqlConnection.sqlconn();

            conn.Open();
            try
            {

                if(m.PwdType==1)
                {
                    m.Pwd = MD5Encrypt(m.Pwd);
                    string strPwd = m.Pwd;

                    m.Pwd = strPwd.Replace("'", "’");
                }

                sql = "update Administrators set Acc='" + m.Acc + "',Pwd='" + m.Pwd + "',Grade='" + m.Grade + "',Name='" + m.Name + "' where Id='" + m.AdminId + "'";
                cmd = new SqlCommand(sql, conn);
                if (cmd.ExecuteNonQuery() > 0)
                {
                    return true;
                }
            }
            catch (Exception)
            {
                return false;
            }
            finally
            {
                conn.Close();
                conn.Dispose();
            }
            return false;
        }

        public DataTable Singlex_Information(ModelAdmin m)
        {
            //更新时显示数据
            SqlConnection conn = crecteSqlConnection.sqlconn();
            DataTable dt = null;
            
            conn.Open();
            try
            {
                sql = "select * from Administrators where Id='" + m.AdminId + "'";
                cmd = new SqlCommand(sql, conn);
                SqlDataAdapter da = new SqlDataAdapter(cmd);
                DataSet ds = new DataSet();
                da.Fill(ds, "table");
                if (ds.Tables["table"] != null)
                {
                    dt = ds.Tables["table"];
                    return dt;
                }

            }
            catch (Exception)
            {
                return dt = null;
            }
            finally
            {
                conn.Close();
                conn.Dispose();
            }
            return dt = null;
        }
    }
}
